Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 18 |
1 files changed, 12 insertions, 6 deletions
@@ -51,12 +51,18 @@ Change this by setting the `bind_address` key in the json config file. ## TLS -`gobottin` supports SSL connections using the STARTTLS LDAP functionnality. -To use it, specify the following three keys in the json config file: - -- `ssl_server_name`: the host name that clients will use to reach your LDAP server -- `ssl_cert_file`: path to your SSL certificate (a `.pem` file) -- `ssl_key_file`: path to your SSL key (a `.pem` file) +`gobottin` supports TLS connections either as a mandatory default for all +connections or using the STARTLS functionnality of the LDAP protocol. To use +it, specify the following three keys in the json config file: + +- `tls_server_name`: the host name that clients will use to reach your LDAP server +- `tls_cert_file`: path to your TLS certificate (a `.pem` file) +- `tls_key_file`: path to your TLS key (a `.pem` file) + +Specify `"use_starttls": true` to allow connections to start as insecure +connections and allow them to use the STARTTLS mechanism to upgrade to a secure +connection. If `use_starttls` is not specified or set to `false`, TLS is made +mandatory for all clients. ## Access control list |
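Review bot: In the added paragraph on `use_starttls`, the wording "allow them to use the STARTTLS mechanism" makes the upgrade optional for the client, but the README does not say what the server does with a client that never upgrades. State whether binds are accepted on a connection that has not been upgraded, since an LDAP simple bind on such a connection carries the password in clear text. In the first added paragraph, "STARTLS" should be "STARTTLS" and "functionnality" should be "functionality", and "the following three keys" no longer matches the text now that `use_starttls` is a fourth key. The `ssl_*` keys are renamed to `tls_*` with no note on what happens to an existing config that still uses the old names; a one-line migration note in this section would cover that.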